1,720,977 research outputs found
Efficient, Scalable, and Accurate Program Fingerprinting in Binary Code
Why was this binary written? Which compiler was used? Which free software
packages did the developer use? Which sections of the code were borrowed? Who wrote
the binary? These questions are of paramount importance to security analysts and reverse
engineers, and binary fingerprinting approaches may provide valuable insights that can
help answer them. This thesis advances the state of the art by addressing some of the
most fundamental problems in program fingerprinting for binary code, notably, reusable
binary code discovery, fingerprinting free open source software packages, and authorship
attribution.
First, to tackle the problem of discovering reusable binary code, we employ a technique
for identifying reused functions by matching traces of a novel representation of binary
code known as the semantic integrated graph. This graph enhances the control flow
graph, the register flow graph, and the function call graph, key concepts from classical program analysis, and merges them with other structural information to create a joint data
structure. Second, we approach the problem of fingerprinting free open source software
(FOSS) packages by proposing a novel resilient and efficient system that incorporates
three components. The first extracts the syntactical features of functions by considering
opcode frequencies and performing a hidden Markov model statistical test. The second
applies a neighborhood hash graph kernel to random walks derived from control flow
graphs, with the goal of extracting the semantics of the functions. The third applies the
z-score to normalized instructions to extract the behavior of the instructions in a function.
Then, the components are integrated using a Bayesian network model which synthesizes
the results to determine the FOSS function, making it possible to detect user-related functions.
Third, with these elements now in place, we present a framework capable of decoupling
binary program functionality from the coding habits of authors. To capture coding habits,
the framework leverages a set of features that are based on collections of functionalityindependent
choices made by authors during coding. Finally, it is well known that techniques
such as refactoring and code transformations can significantly alter the structure
of code, even for simple programs. Applying such techniques or changing the compiler
and compilation settings can significantly affect the accuracy of available binary analysis
tools, which severely limits their practicability, especially when applied to malware. To
address these issues, we design a technique that extracts the semantics of binary code in terms of both data and control flow. The proposed technique allows more robust binary
analysis because the extracted semantics of the binary code is generally immune
from code transformation, refactoring, and varying the compilers or compilation settings.
Specifically, it employs data-flow analysis to extract the semantic flow of the registers as
well as the semantic components of the control flow graph, which are then synthesized
into a novel representation called the semantic flow graph (SFG).
We evaluate the framework on large-scale datasets extracted from selected open source
C++ projects on GitHub, Google Code Jam events, Planet Source Code contests, and students’
programming projects and found that it outperforms existing methods in several
respects. First, it is able to detect the reused functions. Second, it can identify FOSS
packages in real-world projects and reused binary functions with high precision. Third, it
decouples authorship from functionality so that it can be applied to real malware binaries
to automatically generate evidence of similar coding habits. Fourth, compared to existing
research contributions, it successfully attributes a larger number of authors with a significantly
higher accuracy. Finally, the new framework is more robust than previous methods
in the sense that there is no significant drop in accuracy when the code is subjected to
refactoring techniques, code transformation methods, and different compilers
BinGold: Towards robust binary analysis by extracting the semantics of binary code as semantic flow graphs (SFGs)
AbstractBinary analysis is useful in many practical applications, such as the detection of malware or vulnerable software components. However, our survey of the literature shows that most existing binary analysis tools and frameworks rely on assumptions about specific compilers and compilation settings. It is well known that techniques such as refactoring and light obfuscation can significantly alter the structure of code, even for simple programs. Applying such techniques or changing the compiler and compilation settings can significantly affect the accuracy of available binary analysis tools, which severely limits their practicability, especially when applied to malware. To address these issues, we propose a novel technique that extracts the semantics of binary code in terms of both data and control flow. Our technique allows more robust binary analysis because the extracted semantics of the binary code is generally immune from light obfuscation, refactoring, and varying the compilers or compilation settings. Specifically, we apply data-flow analysis to extract the semantic flow of the registers as well as the semantic components of the control flow graph, which are then synthesized into a novel representation called the semantic flow graph (SFG). Subsequently, various properties, such as reflexive, symmetric, antisymmetric, and transitive relations, are extracted from the SFG and applied to binary analysis. We implement our system in a tool called BinGold and evaluate it against thirty binary code applications. Our evaluation shows that BinGold successfully determines the similarity between binaries, yielding results that are highly robust against light obfuscation and refactoring. In addition, we demonstrate the application of BinGold to two important binary analysis tasks: binary code authorship attribution, and the detection of clone components across program executables. The promising results suggest that BinGold can be used to enhance existing techniques, making them more robust and practical
QoS based Route Management in Cognitive Radio Networks
Cognitive radio networks are smart networks that automatically sense the channel and adjust the network parameters accordingly. Cognitive radio is an emerging technology that enables the dynamic deployment of highly adaptive radios that are built upon software defined radio technology. The radio technology allows the unlicensed operation to be in the licensed band. The cognitive radio network paradigm therefore raises many technical challenges such as the power efficiency, spectrum management, spectrum detection, environment awareness, the path selection as well as the path robustness, and security issues.
Traditionally, in the routing approaches in the wired network, each node allows a maximum load through the selected route while traditionally in the routing approaches in wireless network, each node broadcasts its request with the identification of the required destination. However, the existing routing approaches in cognitive radio networks (CRN) follow the traditional approaches in wireless network especially those applied for ad hoc networks. In addition, these traditional approaches do not take into account spectrum trading as well as spectrum competition among licensed users (PUs).
In this thesis, a novel QoS based route management approach is proposed by introducing two different models; the first model is without game theory and the second model is with game theory. The proposed QoS routing algorithm contains the following elements: (i) a profile for each user, which contains different parameters such as the unlicensed user (secondary user, SU) identification, number of neighbors, channel identification, neighbor identification, probabilities of idle slots and the licensed user (primary user, PU) presence. In addition, the radio functionality feature for CRN nodes gives the capability to sense the channels and therefore each node shares its profile with the sensed PU, which then exchanges its profile with other PUs, (ii) spectrum trading, a PU calculates its price based on the SU requirements, (iii) spectrum competition, a new coefficient α is defined that controls the price because of competition among PUs and depends on many factors such as the number of primary users, available channels, and duration of the usage, (iv) a new function called QoS function is defined to provide different levels of quality of service to SUs, and (v) the game theory concept adds many features such as the flexibility, the dynamicity in finding solutions to the model and the dynamic behaviors of users. Based on the previous elements, all possible paths are managed and categorized based on the level of QoS requested by SUs and the price offered by the PU. The simulation results show that the aggregate throughput and the average delay of the routes determined by the proposed QoS routing algorithm are superior to existing wireless routing algorithms. Moreover, network dynamics is examined under different levels of QoS
Going Beyond Counting First Authors in Author Co-citation Analysis
The present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation
counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings
are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that
only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into
account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed
Variations on the Author
“Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent form the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship
Appropriate Similarity Measures for Author Cocitation Analysis
We provide a number of new insights into the methodological discussion about author cocitation analysis. We first argue that the use of the Pearson correlation for measuring the similarity between authors’ cocitation profiles is not very satisfactory. We then discuss what kind of similarity measures may be used as an alternative to the Pearson correlation. We consider three similarity measures in particular. One is the well-known cosine. The other two similarity measures have not been used before in the bibliometric literature. Finally, we show by means of an example that our findings have a high practical relevance.information science;Pearson correlation;cosine;similarity measure;author cocitation analysis
PPDL:Efficient Dropout-Resilient Aggregation for Privacy-Preserving Decentralized Learning
Decentralized learning (DL) offers a novel paradigm in machine learning by distributing training across clients without central aggregation, enhancing scalability and efficiency. However, DL’s peer-to-peer model introduces unique challenges in protecting machine learning models against inference attacks and privacy leaks. By forgoing central bottlenecks, DL demands privacy-preserving aggregation methods to protect data from ‘honest but curious’ clients and adversaries, maintaining network-wide privacy. Privacy-preserving DL faces the additional hurdle of client dropout, clients not submitting updates due to connectivity problems or unavailability, further complicating the aggregation. In this paper, we propose three secret sharing-based dropout resilience protocols for privacy-preserving DL. We evaluate the efficiency, performance, and accuracy of these protocols through experiments on open datasets MNIST, Fashion-MNIST, SVHN, and CIFAR-10. We also compare our protocols with traditional secret-sharing solutions including a scenario that contains up to 1000 clients. Evaluations show that our protocols significantly outperform conventional methods, especially in scenarios with up to 30% of clients dropping out and model sizes of up to 106 parameters. Our proposals demonstrate significantly high efficiency with larger models, higher dropout rates, and extensive client networks, highlighting their effectiveness in enhancing decentralized learning systems’ privacy and dropout robustness.</p
A Secure Blockchain Network with Quantum Key Encryption and Authentication
In this paper, we present a network based on quantum key distribution (QKD) security. Photon has been used here to exchange keys between sender and receiver as photon possess unique quantum properties such as superposition, entanglement, and non-cloning, making them ideal for secure key exchange protocols. The proposed model integrates overlay networks with blockchain and quantum keys to ensure security against interception, cryptanalysis, including attacks from quantum computers, and provides a robust approach to key management. Additionally, Message Authentication Code (MAC) is incorporated for data authentication, using shared quantum keys. In digital signatures, quantum keys together with hash protocols are used to authenticate data between sender and receiver.</p
Dispelling the Myths Behind First-author Citation Counts
We conducted a full-scale evaluative citation analysis study of scholars in the XML research field to explore just how different from each other author rankings resulting from different citation counting methods actually are, and to demonstrate the capability of emerging data and tools on the Web in supporting more realistic citation counting methods. Our results contest some common arguments for the continued
use of first-author citation counts in the evaluation of scholars, such as high correlations between author rankings by first-author citation counts and other citation
counting methods, and high costs of using more realistic citation counting methods that are not well-supported by the ISI databases. It is argued that increasingly available digital full text research papers make it possible for citation analysis studies to go beyond what the ISI databases have directly supported and to employ more
sophisticated methods
- …
